package com.ldh.spring_sucurity.config;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.provisioning.InMemoryUserDetailsManager;

/**
 * @author LiuDehuai
 * @fileName:SecurityConfig
 * @Date:2020/9/27 11:15
 * <author>     <time>     <version>    <desc>
 * 作者姓名       修改时间    版本号       描述
 */

//启用WebSecurity功能
@EnableWebSecurity
@Configuration
public class SecurityConfig extends WebSecurityConfigurerAdapter {
    @Autowired
    UserDetailsService userDetailsService;

    /**
     * 配置如何验证用户信息
     *
     * @param auth
     * @throws Exception
     */
    @Override
    @Autowired
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        //从内存加载
        //方式1
        // auth.inMemoryAuthentication().passwordEncoder(new BCryptPasswordEncoder()).withUser("liudehuai").password(new BCryptPasswordEncoder().encode("123456")).roles("USER");
        //方式2
        // auth.userDetailsService(userDetailsService()).passwordEncoder(passwordEnCoder());


        auth
                //从数据库加载
                .userDetailsService(userDetailsService)
                //密码的加密方式
                .passwordEncoder(passwordEnCoder());
    }

    /**
     * 加密方式
     *
     * @return
     */
    private PasswordEncoder passwordEnCoder() {
        return new BCryptPasswordEncoder();
    }

    /**
     * 用户管理
     *
     * @return
     */
    // @Override
    // @Bean
    // public UserDetailsService userDetailsService() {
    //     //InMemoryUserDetailsManager实现了UserDetailsService
    //     InMemoryUserDetailsManager manager = new InMemoryUserDetailsManager();
    //
    //     //在内存中存放的用户信息(用户名、密码、角色)
    //     manager.createUser(User.withUsername("liudehuai").password(new BCryptPasswordEncoder().encode("123456")).roles("USER").build());
    //     manager.createUser(User.withUsername("admin").password(new BCryptPasswordEncoder().encode("123456")).roles("ADMIN", "USER").build());
    //     return manager;
    // }

    /**
     * 负责资源的权限控制
     *
     * @param http
     * @throws Exception
     */
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        //放行资源
        http
                .authorizeRequests()
                .antMatchers("/css/**","/index")
                .permitAll()
                //权限验证资源
                .antMatchers("/user/**")
                .hasRole("USER")
                .antMatchers("/blogs/**")
                .hasRole("USER")
                .and()
                //登录页
                .formLogin()
                .loginPage("/login")
                .failureUrl("/login-error")
                .and()
                //异常处理页
                .exceptionHandling().accessDeniedPage("/401");
        //登出Url
        http
                .logout()
                .logoutSuccessUrl("/");
    }

    public static void main(String[] args) {
        BCryptPasswordEncoder encoder = new BCryptPasswordEncoder();
        String result = encoder.encode("123456");
        System.out.println(result);
    }
}
